General
-
Target
363e77efdf153b6c5f034033f06b3150266db15596207c541ae57bc2666fbc88
-
Size
52KB
-
Sample
230718-p9a37abb9y
-
MD5
1b571a1f96a70102d4bbf756094df8c7
-
SHA1
47fbf53331dbfc0b64576a35fc4cc1700c5d1d31
-
SHA256
363e77efdf153b6c5f034033f06b3150266db15596207c541ae57bc2666fbc88
-
SHA512
2248e88c9ac1a429b0aabb684b1aa9df8920bd9f6787e7cbc12646998b56e6c09feadce81698e37c635c1f23190e61a9b14148700a22e18570f0ff90f462bdb1
-
SSDEEP
768:woyDYSt1e9lIYEKQ7mkb4abfHP65xthEjm680lk:TyT1e9mYuccviNSjVtk
Static task
static1
Behavioral task
behavioral1
Sample
363e77efdf153b6c5f034033f06b3150266db15596207c541ae57bc2666fbc88.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
363e77efdf153b6c5f034033f06b3150266db15596207c541ae57bc2666fbc88.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
guloader
https://drive.google.com/uc?export=download&id=1_bldxa2NI5RRFoU8gSofIDZrfQrVbOx4
Targets
-
-
Target
363e77efdf153b6c5f034033f06b3150266db15596207c541ae57bc2666fbc88
-
Score
10/10
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-